Re: lynx-dev Lynx buffer mismanagement

From:

Philip Webb

Subject:

Re: lynx-dev Lynx buffer mismanagement

Date:

Sun, 10 May 1998 08:57:23 -0400 (EDT)

i've had a look at the rather self-congratulatory material
at www.openbsd.org/security.html , which has little else to say.
i've searched the Bugtraq Archive for 1998 & found 3 references to Lynx.
980317 Michal Zalewski reported the tmp race in 2-7-1 :
by then 2-7-1 had been superseded by 2-8, of course,
& the security problem had been fixed by Fote in 2-7-2 ( & 2-8);
980503 someone reported a bug in the Options screen,
which BL pointed out had been fixed by 2-5, if not 2-4;
980503 MZ reported the bug in Mailto: ,
for which BL very promptly provided a patch.
i'ld say Bugtraq needs to try harder to keep up with the latest versions
of the various software products it is testing.
BL quite rightly complained to Bugtraq that it would be courteous of them
to copy their findings to the developers of the software concerned,
which seems to have been the origin of Mr de Raadt's outburst here.
--
========================,,============================================
SUPPORT ___________//___, Philip Webb : address@hidden
ELECTRIC /] [] [] [] [] []| Centre for Urban & Community Studies
TRANSIT `-O----------O---' University of Toronto